package com.wangrui.config;

import com.wangrui.pojo.User;
import com.wangrui.service.UserService;
import com.wangrui.utils.Md5Utils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.NoOpPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

import javax.annotation.Resource;

/**
 * @ClassName WebSecurityConfig
 * @Description TODO
 * @Author 王锐
 * @Date DATE{TIME}
 */
@Configuration
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
    @Bean
    UserDetailsService customUserService() { // 注册UserDetailsService 的bean
        return new CustomUserDetailsService();
    }
    @Bean
    public static NoOpPasswordEncoder passwordEncoder() {
        return (NoOpPasswordEncoder) NoOpPasswordEncoder.getInstance();
    }
    @Override
    //重写configure(HttpSecurity http)的方法，这里面来自定义自己的拦截方法和业务逻辑
    protected void configure(HttpSecurity http) throws Exception {
        http.headers().frameOptions().disable();
        System.out.println("访问路径配置！！");
        http.authorizeRequests()
                .antMatchers("/user/**").hasRole("1")
                .antMatchers("/school/**").hasRole("1")
                .antMatchers("/role/**").hasRole("1")
                .antMatchers("/semester/**").hasRole("1")
                .antMatchers("/main.html").hasRole("1");
        //开启自动配置的登录功能：如果没有权限，就会跳转到登录页面！
        // /login 请求来到登录页
        // /login?error 重定向到这里表示登录失败
        http.csrf().disable();//关闭csrf功能:跨站请求伪造,默认只能通过post方式提交
        http.formLogin()
                .usernameParameter("username")
                .passwordParameter("password")
                .loginPage("/toLogin")
                .loginProcessingUrl("/login")// 登陆表单提交请求*/
                .defaultSuccessUrl("/main.html",true); //.successForwardUrl("/save.html") 添加之后405

        //开启自动配置的注销的功能
        http.logout().logoutSuccessUrl("/");
        //记住我
        http.rememberMe().rememberMeParameter("remember");

    }
    @Override
    public void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(customUserService()).passwordEncoder(new PasswordEncoder() {
            @Override
            public String encode(CharSequence rawPassword) {
                System.out.println(rawPassword+"加密结果："+Md5Utils.md5((String)rawPassword));
                return Md5Utils.md5((String)rawPassword);
            }

            @Override//rawPassword用户输入的，encodedPassword数据库查出来的
            public boolean matches(CharSequence rawPassword, String encodedPassword) {
                return encodedPassword.equals(Md5Utils.md5((String)rawPassword));
            }
        });

    }
}
